… | |
… | |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 | GNU General Public License for more details. |
15 | GNU General Public License for more details. |
16 | |
16 | |
17 | You should have received a copy of the GNU General Public License |
17 | You should have received a copy of the GNU General Public License |
18 | along with gvpe; if not, write to the Free Software |
18 | along with gvpe; if not, write to the Free Software |
19 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
19 | Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
20 | */ |
20 | */ |
21 | |
21 | |
22 | #include "config.h" |
22 | #include "config.h" |
23 | |
23 | |
24 | #include <list> |
24 | #include <list> |
… | |
… | |
108 | |
108 | |
109 | if (ipv4_fd < 0) |
109 | if (ipv4_fd < 0) |
110 | return -1; |
110 | return -1; |
111 | |
111 | |
112 | fcntl (ipv4_fd, F_SETFL, O_NONBLOCK); |
112 | fcntl (ipv4_fd, F_SETFL, O_NONBLOCK); |
|
|
113 | fcntl (ipv4_fd, F_SETFD, FD_CLOEXEC); |
113 | |
114 | |
114 | #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
115 | #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
115 | // this I really consider a linux bug. I am neither connected |
116 | // this I really consider a linux bug. I am neither connected |
116 | // nor do I fragment myself. Linux still sets DF and doesn't |
117 | // nor do I fragment myself. Linux still sets DF and doesn't |
117 | // fragment for me sometimes. |
118 | // fragment for me sometimes. |
… | |
… | |
127 | { |
128 | { |
128 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
129 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
129 | exit (EXIT_FAILURE); |
130 | exit (EXIT_FAILURE); |
130 | } |
131 | } |
131 | |
132 | |
132 | ipv4_ev_watcher.start (ipv4_fd, EVENT_READ); |
133 | ipv4_ev_watcher.start (ipv4_fd, EV_READ); |
133 | } |
134 | } |
134 | |
135 | |
135 | udpv4_fd = -1; |
136 | udpv4_fd = -1; |
136 | |
137 | |
137 | if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port) |
138 | if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port) |
… | |
… | |
140 | |
141 | |
141 | if (udpv4_fd < 0) |
142 | if (udpv4_fd < 0) |
142 | return -1; |
143 | return -1; |
143 | |
144 | |
144 | fcntl (udpv4_fd, F_SETFL, O_NONBLOCK); |
145 | fcntl (udpv4_fd, F_SETFL, O_NONBLOCK); |
|
|
146 | fcntl (udpv4_fd, F_SETFD, FD_CLOEXEC); |
145 | |
147 | |
146 | // standard daemon practise... |
148 | // standard daemon practise... |
147 | { |
149 | { |
148 | int oval = 1; |
150 | int oval = 1; |
149 | setsockopt (udpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
151 | setsockopt (udpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
… | |
… | |
165 | { |
167 | { |
166 | slog (L_ERR, _("can't bind udpv4 on %s: %s"), (const char *)si, strerror (errno)); |
168 | slog (L_ERR, _("can't bind udpv4 on %s: %s"), (const char *)si, strerror (errno)); |
167 | exit (EXIT_FAILURE); |
169 | exit (EXIT_FAILURE); |
168 | } |
170 | } |
169 | |
171 | |
170 | udpv4_ev_watcher.start (udpv4_fd, EVENT_READ); |
172 | udpv4_ev_watcher.start (udpv4_fd, EV_READ); |
171 | } |
173 | } |
172 | |
174 | |
173 | icmpv4_fd = -1; |
175 | icmpv4_fd = -1; |
174 | |
176 | |
175 | #if ENABLE_ICMP |
177 | #if ENABLE_ICMP |
… | |
… | |
179 | |
181 | |
180 | if (icmpv4_fd < 0) |
182 | if (icmpv4_fd < 0) |
181 | return -1; |
183 | return -1; |
182 | |
184 | |
183 | fcntl (icmpv4_fd, F_SETFL, O_NONBLOCK); |
185 | fcntl (icmpv4_fd, F_SETFL, O_NONBLOCK); |
|
|
186 | fcntl (icmpv4_fd, F_SETFD, FD_CLOEXEC); |
184 | |
187 | |
185 | #ifdef ICMP_FILTER |
188 | #ifdef ICMP_FILTER |
186 | { |
189 | { |
187 | icmp_filter oval; |
190 | icmp_filter oval; |
188 | oval.data = 0xffffffff; |
191 | oval.data = 0xffffffff; |
… | |
… | |
197 | // this I really consider a linux bug. I am neither connected |
200 | // this I really consider a linux bug. I am neither connected |
198 | // nor do I fragment myself. Linux still sets DF and doesn't |
201 | // nor do I fragment myself. Linux still sets DF and doesn't |
199 | // fragment for me sometimes. |
202 | // fragment for me sometimes. |
200 | { |
203 | { |
201 | int oval = IP_PMTUDISC_DONT; |
204 | int oval = IP_PMTUDISC_DONT; |
202 | setsockopt (udpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
205 | setsockopt (icmpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
203 | } |
206 | } |
204 | #endif |
207 | #endif |
205 | |
208 | |
206 | sockinfo si (THISNODE, PROT_ICMPv4); |
209 | sockinfo si (THISNODE, PROT_ICMPv4); |
207 | |
210 | |
… | |
… | |
209 | { |
212 | { |
210 | slog (L_ERR, _("can't bind icmpv4 on %s: %s"), (const char *)si, strerror (errno)); |
213 | slog (L_ERR, _("can't bind icmpv4 on %s: %s"), (const char *)si, strerror (errno)); |
211 | exit (EXIT_FAILURE); |
214 | exit (EXIT_FAILURE); |
212 | } |
215 | } |
213 | |
216 | |
214 | icmpv4_ev_watcher.start (icmpv4_fd, EVENT_READ); |
217 | icmpv4_ev_watcher.start (icmpv4_fd, EV_READ); |
215 | } |
218 | } |
216 | #endif |
219 | #endif |
217 | |
220 | |
218 | tcpv4_fd = -1; |
221 | tcpv4_fd = -1; |
219 | |
222 | |
… | |
… | |
224 | |
227 | |
225 | if (tcpv4_fd < 0) |
228 | if (tcpv4_fd < 0) |
226 | return -1; |
229 | return -1; |
227 | |
230 | |
228 | fcntl (tcpv4_fd, F_SETFL, O_NONBLOCK); |
231 | fcntl (tcpv4_fd, F_SETFL, O_NONBLOCK); |
|
|
232 | fcntl (tcpv4_fd, F_SETFD, FD_CLOEXEC); |
229 | |
233 | |
230 | // standard daemon practise... |
234 | // standard daemon practise... |
231 | { |
235 | { |
232 | int oval = 1; |
236 | int oval = 1; |
233 | setsockopt (tcpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
237 | setsockopt (tcpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
… | |
… | |
245 | { |
249 | { |
246 | slog (L_ERR, _("can't listen tcpv4 on %s: %s"), (const char *)si, strerror (errno)); |
250 | slog (L_ERR, _("can't listen tcpv4 on %s: %s"), (const char *)si, strerror (errno)); |
247 | exit (EXIT_FAILURE); |
251 | exit (EXIT_FAILURE); |
248 | } |
252 | } |
249 | |
253 | |
250 | tcpv4_ev_watcher.start (tcpv4_fd, EVENT_READ); |
254 | tcpv4_ev_watcher.start (tcpv4_fd, EV_READ); |
251 | } |
255 | } |
252 | #endif |
256 | #endif |
253 | |
257 | |
254 | #if ENABLE_DNS |
258 | #if ENABLE_DNS |
255 | if (THISNODE->protocols & PROT_DNSv4) |
259 | if (THISNODE->protocols & PROT_DNSv4) |
… | |
… | |
259 | dnsv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
263 | dnsv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
260 | |
264 | |
261 | if (dnsv4_fd < 0) |
265 | if (dnsv4_fd < 0) |
262 | return -1; |
266 | return -1; |
263 | |
267 | |
|
|
268 | fcntl (dnsv4_fd, F_SETFL, O_NONBLOCK); |
|
|
269 | fcntl (dnsv4_fd, F_SETFD, FD_CLOEXEC); |
|
|
270 | |
264 | #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
271 | # if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
265 | // this I really consider a linux bug. I am neither connected |
272 | // this I really consider a linux bug. I am neither connected |
266 | // nor do I fragment myself. Linux still sets DF and doesn't |
273 | // nor do I fragment myself. Linux still sets DF and doesn't |
267 | // fragment for me sometimes. |
274 | // fragment for me sometimes. |
268 | { |
275 | { |
269 | int oval = IP_PMTUDISC_DONT; |
276 | int oval = IP_PMTUDISC_DONT; |
270 | setsockopt (udpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
277 | setsockopt (dnsv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
271 | } |
278 | } |
272 | #endif |
279 | # endif |
273 | |
280 | |
274 | // standard daemon practise... |
281 | // standard daemon practise... |
275 | { |
282 | { |
276 | int oval = 1; |
283 | int oval = 1; |
277 | setsockopt (dnsv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
284 | setsockopt (dnsv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
… | |
… | |
285 | { |
292 | { |
286 | slog (L_ERR, _("can't bind dnsv4 on %s: %s"), (const char *)si, strerror (errno)); |
293 | slog (L_ERR, _("can't bind dnsv4 on %s: %s"), (const char *)si, strerror (errno)); |
287 | exit (EXIT_FAILURE); |
294 | exit (EXIT_FAILURE); |
288 | } |
295 | } |
289 | |
296 | |
290 | dnsv4_ev_watcher.start (dnsv4_fd, EVENT_READ); |
297 | dnsv4_ev_watcher.start (dnsv4_fd, EV_READ); |
291 | } |
298 | } |
292 | #endif |
299 | #endif |
293 | |
300 | |
294 | ///////////////////////////////////////////////////////////////////////////// |
301 | ///////////////////////////////////////////////////////////////////////////// |
295 | |
302 | |
… | |
… | |
302 | { |
309 | { |
303 | slog (L_ERR, _("cannot create network interface '%s'"), conf.ifname); |
310 | slog (L_ERR, _("cannot create network interface '%s'"), conf.ifname); |
304 | exit (EXIT_FAILURE); |
311 | exit (EXIT_FAILURE); |
305 | } |
312 | } |
306 | |
313 | |
|
|
314 | fcntl (tap->fd, F_SETFD, FD_CLOEXEC); |
|
|
315 | |
307 | if (tap->if_up () && |
316 | if (tap->if_up () && |
308 | !run_script (run_script_cb (this, &vpn::script_if_init), true)) |
317 | !run_script (run_script_cb (this, &vpn::script_if_init), true)) |
309 | { |
318 | { |
310 | slog (L_ERR, _("interface initialization command '%s' failed, exiting."), |
319 | slog (L_ERR, _("interface initialization command '%s' failed, exiting."), |
311 | tap->if_up ()); |
320 | tap->if_up ()); |
… | |
… | |
316 | { |
325 | { |
317 | slog (L_ERR, _("if-up command execution failed, exiting.")); |
326 | slog (L_ERR, _("if-up command execution failed, exiting.")); |
318 | exit (EXIT_FAILURE); |
327 | exit (EXIT_FAILURE); |
319 | } |
328 | } |
320 | |
329 | |
321 | tap_ev_watcher.start (tap->fd, EVENT_READ); |
330 | tap_ev_watcher.start (tap->fd, EV_READ); |
322 | |
331 | |
323 | return 0; |
332 | return 0; |
324 | } |
333 | } |
325 | |
334 | |
326 | bool |
335 | bool |
… | |
… | |
477 | |
486 | |
478 | return false; |
487 | return false; |
479 | } |
488 | } |
480 | |
489 | |
481 | void |
490 | void |
482 | vpn::ipv4_ev (io_watcher &w, short revents) |
491 | vpn::ipv4_ev (ev::io &w, int revents) |
483 | { |
492 | { |
484 | if (revents & EVENT_READ) |
493 | if (revents & EV_READ) |
485 | { |
494 | { |
486 | vpn_packet *pkt = new vpn_packet; |
495 | vpn_packet *pkt = new vpn_packet; |
487 | struct sockaddr_in sa; |
496 | struct sockaddr_in sa; |
488 | socklen_t sa_len = sizeof (sa); |
497 | socklen_t sa_len = sizeof (sa); |
489 | int len; |
498 | int len; |
… | |
… | |
518 | } |
527 | } |
519 | } |
528 | } |
520 | |
529 | |
521 | #if ENABLE_ICMP |
530 | #if ENABLE_ICMP |
522 | void |
531 | void |
523 | vpn::icmpv4_ev (io_watcher &w, short revents) |
532 | vpn::icmpv4_ev (ev::io &w, int revents) |
524 | { |
533 | { |
525 | if (revents & EVENT_READ) |
534 | if (revents & EV_READ) |
526 | { |
535 | { |
527 | vpn_packet *pkt = new vpn_packet; |
536 | vpn_packet *pkt = new vpn_packet; |
528 | struct sockaddr_in sa; |
537 | struct sockaddr_in sa; |
529 | socklen_t sa_len = sizeof (sa); |
538 | socklen_t sa_len = sizeof (sa); |
530 | int len; |
539 | int len; |
… | |
… | |
566 | } |
575 | } |
567 | } |
576 | } |
568 | #endif |
577 | #endif |
569 | |
578 | |
570 | void |
579 | void |
571 | vpn::udpv4_ev (io_watcher &w, short revents) |
580 | vpn::udpv4_ev (ev::io &w, int revents) |
572 | { |
581 | { |
573 | if (revents & EVENT_READ) |
582 | if (revents & EV_READ) |
574 | { |
583 | { |
575 | vpn_packet *pkt = new vpn_packet; |
584 | vpn_packet *pkt = new vpn_packet; |
576 | struct sockaddr_in sa; |
585 | struct sockaddr_in sa; |
577 | socklen_t sa_len = sizeof (sa); |
586 | socklen_t sa_len = sizeof (sa); |
578 | int len; |
587 | int len; |
… | |
… | |
603 | exit (EXIT_FAILURE); |
612 | exit (EXIT_FAILURE); |
604 | } |
613 | } |
605 | } |
614 | } |
606 | |
615 | |
607 | void |
616 | void |
608 | vpn::tap_ev (io_watcher &w, short revents) |
617 | vpn::tap_ev (ev::io &w, int revents) |
609 | { |
618 | { |
610 | if (revents & EVENT_READ) |
619 | if (revents & EV_READ) |
611 | { |
620 | { |
612 | /* process data */ |
621 | /* process data */ |
613 | tap_packet *pkt; |
622 | tap_packet *pkt; |
614 | |
623 | |
615 | pkt = tap->recv (); |
624 | pkt = tap->recv (); |
… | |
… | |
645 | else |
654 | else |
646 | abort (); |
655 | abort (); |
647 | } |
656 | } |
648 | |
657 | |
649 | void |
658 | void |
650 | vpn::event_cb (time_watcher &w) |
659 | vpn::event_cb (ev::timer &w, int) |
651 | { |
660 | { |
652 | if (events) |
661 | if (events) |
653 | { |
662 | { |
654 | if (events & EVENT_SHUTDOWN) |
663 | if (events & EVENT_SHUTDOWN) |
655 | { |
664 | { |
… | |
… | |
746 | } |
755 | } |
747 | |
756 | |
748 | void |
757 | void |
749 | vpn::dump_status () |
758 | vpn::dump_status () |
750 | { |
759 | { |
751 | slog (L_NOTICE, _("BEGIN status dump (%ld)"), (long)NOW); |
760 | slog (L_NOTICE, _("BEGIN status dump (%ld)"), (long)ev::ev_now ()); |
752 | |
761 | |
753 | for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) |
762 | for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) |
754 | (*c)->dump_status (); |
763 | (*c)->dump_status (); |
755 | |
764 | |
756 | slog (L_NOTICE, _("END status dump")); |
765 | slog (L_NOTICE, _("END status dump")); |